When the Hunter Becomes the Hunted!
Plugins that are designed to protect your WordPress site aren’t immune form security issues.
Case in point is the Wordfence plugin we use on all the WPBlogSupport Managed sites. About an hour ago we were updated to a vulnerability in the actual Wordfence plugin.
There is a reflected XSS vulnerability in Wordfence versions 6.1.1 to 6.1.6. This vulnerability was reported to us an hour ago by a researcher. We have standardized on the CVSS vulnerability scoring mechanism and the vulnerability score in this case is 6.1 (Medium).
If you have Wordfence firewall enabled, this vulnerability does not affect you because you are protected against it. Wordfence firewall has had protection against XSS attacks since 6.1.1.
We’ve got you covered if your enjoy Unlimited WordPress Support from our team of WordPress Tutorial– your site has already been updated AND we run the Wordfence firewall by default.
If you have any questions or think you might need Managed WordPress Hosting or Unlimited WordPress Support just call, we’re here to help.
